CVE-2015-5804

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. Publish Date : 2015-09-18 Last Update Date : 2015-09-18

- CVSS Scores & Vulnerability Types

CVSS Score

6.8

Confidentiality Impact

Partial(There is considerable informational disclosure.)

Integrity Impact

Partial(Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)

Availability Impact

Partial(There is reduced performance or interruptions in resource availability.)

Access Complexity

Medium(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)

Authentication

Not required(Authentication is not required to exploit the vulnerability.)